Hi everyone,
We discovered a security vulnerability in-house that applies to 1.7.x,
2.0.x, and 2.5.x. We've just released new builds of Review Board 1.7.29,
2.0.22, and 2.5.3 to take care of these. The vulnerability allows access to
file attachments, legacy screenshots, and metadata on review request
updates on private review requests through hand-crafted URLs.